Apparently, several latest post in this thread have just dissapeared. How is that possible? Database was reset?

Previously, I have answered only half of this queston (I didn't notice the ommision).

Essentially, the CPU has to wait/stall more. For example: if the CPU rushes over a security check, then there could be a way for protected data to leak. The same goes for all ordinary braches, as those could be a part of a privilege isolation system.

Allso, cache latency is increased. The raw latencly likely goes up by 0.8 - 1.8 clock cycles (on average, there are various cases), but, hopefully, most of this gets ironed down by SE. The net result of increased cache latency is more CPU pipeline waits/stalls, so the number of waits/stall is the key metric for almot entire performance degradation.

I think I have an even better explanation for this question.

Speculative execution means that some computations are going to be performed before a branch direction is decided. Another way to say this is: speculative execution assigns results of ahead-of-time computataion to various execution paths.

So, when a branch is decided, SE engine must do both of the following things:
1. Discard all the results from rejected execution paths
2. Accept the results from accepted execution paths

The problem lies in 1) Discard. How can the CPU discard an execution path if it has already modified the cache, memory, perhaps even sent some I/O? I/O cant be undone. Undoing memory and cache modifications is hard. So, the solution is simply to NOT modify.

The second problem is with security checks. If a CPU doesn't wait on a security check, can the consequent writes to internal buffers be undone? Because, if a CPU has allowed an operation to proceed without waiting for secutity validation, then to undo that operation it also has to track all the consequent data movements. In a large CPU like a modern high-performace design, the changes caused by a single instruction are going to spill everywhere in the core. So, hard to track, hard to undo. And the solution is simple: the CPU has to wait more, so that changes do not propagate far, so that they are easy to undo.

Apparently, several latest post in this thread have just dissapeared. How is that possible? Database was reset?

While doing speculative execution, why not do "paranoid" speculative execution? (the processor executes the result of a branch twice (one for branch, another for don't branch))

The simple answer is that CPU can't execute a piece of code twice because CPU can't easily undo changes to caches and memory.

By the way, the "paranoid" speculative execution that you have described in your post is not paranoid at all, it is still vulnerable to SPECTRE.



This Weasel's answer is completely off-track. Speculative execution simply can't be performed on sufficiently long instruction sequences since CPU is going to run into a lots of load/store instructions which it can't quickly an efficiently undo. So, the real "paranoid" way to do SE is to stop speculative execution of an execution path whenever a load or store is reached, but that causes a pipeline to stall too often and kills the performance.

This all has nothing to do with "prediction rate", or "wasting resources on both branches".

Of course, and again, Weasel didn't bother to read my long answer above, because if he had red it, he wouldn't have posted this utterly misleading answer of his.

In fact, Weasel didn't even read the Stack Overflow answer, nor the actual question. But he linked to it (that's most important for him, an argument from authority).

As for the answer on Stack Overflow that he links to, I just actually bothered to read it.

The Stack Overflow question is not the same as the question posted here, tildearrow was asking here about avoiding SPECTRE, and the answer on Stack Overflow has nothing to do with SPECTRE.

So, completely misses the point.

Tildearrrow asked a question about SPECTRE. The answer you linked to has nothing to do with SPECTRE. And, you have just confirmed that here.

Most types of SPECTRE are based on modifications made by the CPU to the caches during speculative execution. It doesn't matter whether CPU "commits" the data or not, as long as the CPU modifies cache metadata during speculative execution.

I agree with you that implementing "undo" is not a big problem, in your words: "Undo is obviously not a problem for anyone with a brain". But, CPU manufacturers have refused to implement a sufficiently thorough undo operation for getting rid of SPECTRE v1.

That's exactly the most important part of my proposed solution to SPECTRE: thorough undo.

LOL. Proofs in the crafts of CPU design and computer programming are very rare. Instead of proofs, there is TESTING, lot of testing, and there are "best practices" like: functional programming, RISC design, object oriented programming, KISS, etc...

You also haven't posted any proofs. Why is that?

Let's fill this void a bit.

So, tildearrow, do you like my design so far?

In my mind, it's all relatively simple and straightforward.

Don't be afraid, I bite only when people are mean to me.